The SRA Risk Outlook 2017/18 was published on the 25th July. There are eight priority risks identified for the coming year, namely:
Lack of access to legal services
Standards of service
Information security (and Cybercrime)
Protecting client money
Independence and integrity
Diversity in the profession
— SRA (@sra_solicitors) July 25, 2017
Paul Phillip, Chief Executive of the SRA said, ‘The Risk Outlook will help you to respond to our changing world and manage the new risks it brings’.
Do they sound familiar? They should, because 7 of them are the same as last year (so called the ‘Significant Seven’!). The new addition this year is the involvement in questionable investment schemes.
The fact that the Significant Seven remain is not a criticism by the way – there are ongoing and evolving challenges surrounding areas like cybercrime and money laundering so it’s only right that they should continue to appear on the list.
Overview of risks identified by the SRA
Lack of access to legal services – This first appeared as a key risk last year and anyone who has been reading any of the SRA’s literature over the last year will not be surprised to see it appearing again. The CMA’s Legal services statistics are repeated, you know the ones – only one third of people with a legal problem obtained professional advice etc. The SRA see two main ways of tacking this risk – through innovation and transparency. By removing barriers to allow firms to become more innovative, it will ensure that ‘solicitors and firms have the flexibility to meet legal need’. Transparency will continue to be pushed with focus on increasing information available on firms, publishing price and complaint information amongst other things is not going away.
Standards of Service – Maintaining high standards within the profession is arguably what the SRA is all about so it is always going to be a priority risk. The statistics relating to complaints are interesting and are worth a read. There is plenty firms can do to minimise many of the common complaints such as ‘Delay’, ‘Failure to advise’ ‘Failure to keep informed’ and ‘Failure to progress’ for example. The SRA thinks its plans to introduce shorter codes of conduct will ‘make it easier for solicitors and the public to understand the standard of service we expect solicitors to provide’. It remains to be seen whether this has been time well spent, we are uncertain whether it will make any real difference.
Investment Schemes – Drumroll…here is the newbie! Solicitors can be targeted to become involved in questionable investment schemes as they can make the schemes appear more credible, this has become increasingly common hence it being a priority risk this year. Reading the SRA’s warning notice should be your starting point, and there are some simple things that you can do to avoid becoming unwittingly involved in investment schemes including: not allowing your client account to be used as a banking facility, being clear who your client is and not giving the impression that someone is a client if they are not and carrying out due diligence on any investment scheme.
Information security – This risk includes cybercrime and is a priority risk because solicitors handle very sensitive information which can harm clients (and indeed the profession) if lost or stolen. Cybercrime is increasing year on year and we’ve recently seen some large organisation fall victim to attacks. Criminals are constantly finding new ways of breaking systems so it’s a subject that everyone should always keep on top of. Interestingly, many cyber-attacks target human error so make sure that staff at all levels are kept informed of any developments. In addition to the ongoing problem of Cybercrime, the General Data Protection Regulation, which will come into force on the 25th May 2018 makes this an important risk this year.
Protecting client money – Whilst it is accepted that the number of firms and solicitors that mishandle client money is a minority, when it does happen, it does of course have a severe effect on consumers, law firms and the reputation of the whole profession. The SRA are reforming the accounts rules and see this as a positive step, but is it really going to make client money safer? Cybercrime is also mentioned in this context with criminals using various methods of attempting to divert client money. We would suggest that if you only take away one thing from this, it should be that email instructions to transfer money or with bank account details, no matter who they are from, should always be confirmed in person or over the phone.
Money laundering– it’s only right that money laundering appears again this year, it is very much an ongoing live issue and of course the money laundering regs have recently come out. It’s good to see that the SRA acknowledge the short lead-in time that the profession had, and have promised to take a ‘proportionate’ approach to any breaches to the regulations.
Independence and integrity – Independence and integrity are important professional standards and worryingly complaints to the SRA relating to lack of integrity are rising. Personal injury, holiday sickness claims and PPI are a focus in this section, with concerns including paying prohibited referral fees, cold calling and coaching people into making a claim.
Diversity in the profession – There is a recognition that diversity is improving, but that it needs to remain a focus because a diverse and inclusive profession benefits everyone. On the list of things that the SRA are doing to help is the Equality and Diversity survey and the move to Solicitors Qualification Examination, which the SRA hopes will improve access to the profession.
To be fair, the SRA Risk Outlook 2017/18 is a well thought-out piece of work, but there are a few things that we would have expected to see:
- Brexit – This time last year the SRA said it was ‘too early’ to give any comment on Brexit and the 2016/2017 autumn update also provided little guidance. Here we are, 13 months after the decision to leave the EU, which will undoubtedly have a massive impact on the legal system, and it is surprising to see that it does not feature high on the SRA’s radar.
- Money laundering regulations 2017 – the regs are of course mentioned under the Money Laundering priority risk but we can’t help but feel that the SRA have missed a chance to really guide and help the profession on what they need to do following MLR2017.
- Access to justice – ongoing cuts to legal aid, court closures and reform to personal injury continue to have an effect on access to justice, especially for the most vulnerable in society (dare we say it) yet do not appear again in the risk outlook.
- Continuing competence – with 3 months to go until you have to declare that you have ‘reflected on my practice and addressed any identified learning and development needs’ for the first time, it is interesting that the SRA do not see any risks in this overhaul of learning and development. How will the SRA address those people who haven’t started the process yet, or who see this as a way out of being ‘forced’ to do 16 hours CPD per year?
- General Data Protection Regulation – granted this is mentioned in the information security section, and even a reference to the ICO’s guidance is given. But where is the guidance for solicitors? Again, in our view the SRA have missed a chance to help and guide the profession.
You should also read…
Have a look at the SRA’s recent Corporate Strategy 2017-20. You will see that the regulator is taking radical steps to address some of the risks identified in the Risk Outlook (particularly lack of access to legal services), but not much about others e.g. money laundering and cybercrime. It’s an interesting insight into where the SRA’s priorities actually are.
So that’s it, our guide to the SRA Risk Outlook 2017/18. We hope you found it helpful and please get in touch if you have any comments.